webapp-testing
Warn
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The script scripts/with_server.py utilizes subprocess.Popen with the shell=True parameter to run commands provided via the --server command-line argument. This allows for the execution of arbitrary shell strings, which is a significant security risk if the input strings are derived from untrusted project metadata or external configuration files.
- [PROMPT_INJECTION]: The SKILL.md file contains instructions that discourage the agent from reviewing the source code of the included scripts ('DO NOT read the source until you try running the script first'). This behavior-influencing prompt acts as a safety bypass, as it pressures the agent to execute code as a 'black-box' without verifying its security implications or identifying the risky shell execution patterns within.
Audit Metadata